﻿Imports System.Data.SqlClient

Public Class adm_login
    Inherits System.Web.UI.Page
    Private objrd As SqlDataReader = Nothing
    Private objfind As New GetData
    Private sSQL As String
    Private ps As New PreparedStatement(sSQL)

    Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click
        Dim strUID, pwd, strPwd, aid As String
        Dim strErr As String = ""
        strUID = txtUID.Text
        pwd = txtPwd.Text
        If strUID = "" Then
            result.Text = ""
            result.Text = "<center><b><font color=""#FF0000""> Pleas enter your User ID</font></b></center>"
            Exit Sub
        End If
        If pwd = "" Then
            result.Text = ""
            result.Text = "<center><b><font color=""#FF0000""> Pleas enter your password</font></b></center>"
            Exit Sub
        End If
        ps.addParameter("id", strUID)
        sSQL = "select *  from  adm_user where adminuser_id=@id or email_address=@id"
        ps.strSql = sSQL
        Dim conn As SqlConnection = objfind.getConn()

        objrd = objfind.dr(ps, strErr, conn, objrd)
        If Not objrd.Read() Then
            result.Text = ""
            result.Text = "<center><b><font color=""#FF0000""> Error: The User ID or email does not exist</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        aid = objrd("GAPortal_ID").ToString()
        strPwd = objrd("password").ToString()
        Dim sh As New SHA1
        pwd = sh.mySHA(pwd)
        objfind.closeConn(conn)

        If pwd = strPwd Then
            Session("admin_ID") = aid
            Response.Redirect("default.aspx")
        Else
            result.Text = ""
            result.Text = "<center><b><font color=""#FF0000""> Error: The password is wrong</font></b></center>"

            Exit Sub
        End If


    End Sub
End Class